
How To: DNS Server

Installation and Configuration of Caching DNS service

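1. Install the needed software. This document uses BIND (the bind package). The transcript below shows version 9.3.1; apply your distribution's updates to it before putting the resolver into service.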
[root@proxy log]# yum install bind
Setting up Install Process
Setting up repositories
updates-released 100% |=========================| 951 B 00:00
Setting up repositories
updates-released 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
base 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
Installed Packages
Name : bind
Arch : i386
Version: 9.3.1
Release: 4
Size : 1.4 M
Repo : installed
Summary: A DNS (Domain Name System) server.

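2. Edit the configuration file to match your network. The ACL addresses and the forwarders shown below are site-specific and must be replaced with your own.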

[root@proxy etc]# more named.conf
//
// named.conf for Red Hat caching-nameserver
//
// Clients allowed to use this resolver. The options block references this ACL
// in both allow-recursion and allow-query, so every address listed here can
// send recursive queries through the server.
// 192.168.0/24 is the abbreviated prefix form of 192.168.0.0/24.
// NOTE(review): 20.18.10.0/24 is not a private (RFC 1918) range - confirm it is
// really a network you control before leaving it in the ACL.
acl pmsi-net { 127.0.0.1; localhost;
192.168.0/24;
20.18.10.0/24;
};

// Logging: two file channels, then per-category routing into them.
// NOTE(review): named normally runs as an unprivileged user - confirm it can
// create and rotate files under /var/log, otherwise these channels cannot be opened.
logging {
// Query channel: the file is rolled at 100M and up to 3 old versions are kept.
// It records which client asked for which name, so restrict read access to it.
channel query_logging {
file "/var/log/querylog" versions 3 size 100M;
print-time yes; // timestamp log entries
print-severity yes;
};
// Activity channel: same rotation policy, used for transfer, notify and
// security events below.
channel activity_log {
file "/var/log/activity_log" versions 3 size 100M;
print-time yes;
print-severity yes;
};
// Resolver activity and every incoming query go to the query channel.
category resolver { query_logging; };
category queries { query_logging; };
category xfer-in { activity_log; };
category xfer-out { activity_log; };
category notify { activity_log; };
// "security" logs approved and denied requests; denials here show clients
// outside the ACL trying to use the resolver.
category security { activity_log; };
category update-security { activity_log; };
// These two categories are discarded (null channel) to keep the logs quiet.
category network { null; };
category lame-servers { null; };
};

// Global server options for the caching resolver.
options {
// Upstream resolvers that cache misses are sent to first.
// NOTE(review): the "xxx" octets are not valid address syntax and look redacted;
// substitute the real forwarder addresses or named will reject the file.
// No "forward only" is set, so the default (forward first) applies and named
// falls back to resolving from the root hints if the forwarders do not answer.
forwarders { 208.67.xxx.222; 208.67.xxx.220; };
// Base directory; relative file names in the zone statements resolve against it.
directory "/var/named";
// Both recursion and plain queries are limited to the pmsi-net ACL, which keeps
// the server from acting as an open resolver for arbitrary hosts.
allow-recursion { pmsi-net; };
allow-query { pmsi-net; };
// Output files for "rndc dumpdb" and "rndc stats".
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// NOTE(review): leave this commented out unless a firewall truly requires it.
// Pinning outgoing queries to one fixed source port makes forged responses
// easier to get accepted (cache poisoning); prefer fixing the firewall rule.
// query-source address * port 53;
};

//
// a caching only nameserver config
//
// rndc control channel: listens on the loopback address only, accepts
// connections from localhost, and requires the key named rndckey.
// rndckey is not defined in this file; presumably it comes from /etc/rndc.key,
// which is included at the end of this configuration.
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};

// Zone statements. File names are relative to the "directory" option
// (/var/named). Every master zone below sets allow-update { none; }, so
// dynamic DNS updates are refused for all of them.

// Root hints: the list of root name servers used to start iterative resolution.
zone "." IN {
type hint;
file "named.ca";
};

// Local forward zones served authoritatively by this host.
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

// Reverse zone for the IPv4 loopback network 127.0.0.
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

// IPv6 reverse zone under ip6.arpa; presumably covers the loopback address
// (verify against named.ip6.local).
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};

// Reverse zones for 255.x.x.x and 0.x.x.x, answered locally so that lookups
// for them are not forwarded upstream.
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};

zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};

// Pulls in /etc/rndc.key, presumably the definition of the rndckey used by the
// controls statement. The file holds a shared secret: keep it readable only by
// root and the account named runs as, and do not publish its contents.
include "/etc/rndc.key";

3. After editing the configuration file, restart the service. Running named-checkconf first will catch syntax errors before named is restarted.
[root@proxy log]# /sbin/service named restart
Stopping named: [ OK ]
Starting named: [ OK ]